AI Security Review
scanned 3h ago · by lpm-firewall-aiNo unconsented install-time or import-time attack behavior is established. The package is an explicitly started honeypot that can collect attacker-session data and optionally upload sanitized intelligence only when an endpoint is configured.
Static reason
One or more suspicious static signals were detected.
Trigger
User runs `panguard-trap start`/`deploy` or constructs `TrapEngine` with enabled services and a threat-cloud endpoint.
Impact
Intended honeypot operation; no confirmed package-host compromise, persistence, or stealth exfiltration.
Mechanism
Starts local decoy network services and optionally POSTs sanitized trap intelligence.
Rationale
Scanner hits are package-aligned: the dynamic import loads the declared SSH implementation, while network and credential patterns implement an explicitly invoked honeypot. No lifecycle hook, autonomous execution, foreign control-surface mutation, or concrete malicious chain was found.
Evidence
package.jsondist/index.jsdist/cli/index.jsdist/trap-engine.jsdist/threat-cloud-uploader.jsdist/services/ssh-trap.jsdist/types.jsdist/pid-file.jsdist/services/generic-trap.jsdist/services/base-service.js
Decision evidence
public snapshotAI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- `package.json` has no preinstall/install/postinstall hooks.
- `dist/index.js` only exports APIs; importing does not start services.
- `dist/cli/index.js` starts listeners only for explicit `start`/`deploy` commands.
- `dist/services/ssh-trap.js` dynamically imports the literal optional `ssh2` package, then falls back to `node:net`.
- `dist/threat-cloud-uploader.js` uploads only when a caller supplies `threatCloudEndpoint`; payload anonymizes IPs and hashes usernames.
- No child-process execution, eval/vm, native loading, agent-control writes, or host credential harvesting found.
Behavioral surface
CryptoDynamicRequireFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcedist/services/generic-trap.jsView file
76patternName = generic_password
severity = medium
line = 76
matchedText = pwd: '...
Medium
Secret Pattern
Package contains a possible secret pattern.
dist/services/generic-trap.jsView on unpkg · L76dist/services/ssh-trap.jsView file
101logger.info('SSH honeypot using TCP fallback (ssh2 not available)');
L102: const net = await import('node:net');
L103: this.server = net.createServer((socket) => {
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/services/ssh-trap.jsView on unpkg · L10172patternName = generic_password
severity = medium
line = 72
matchedText = pwd: '...
Medium
Secret Pattern
Hardcoded password in dist/services/ssh-trap.js
dist/services/ssh-trap.jsView on unpkg · L72Findings
4 Medium4 Low
MediumSecret Patterndist/services/generic-trap.js
MediumDynamic Requiredist/services/ssh-trap.js
MediumNetwork
MediumSecret Patterndist/services/ssh-trap.js
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings